Security Engineer (Threat and Vulnerability Management)

Reports to: Sr. Manager, Security Operations

Location: Remote, USA

Job Purpose:  In this role, you will provide support for the Security Operations function. You will scale out vulnerability response processes to drive remediation across all LTK products and assets. You will coordinate goal and success metrics setting, tracking and operational reviews for effective remediation of vulnerabilities discovered via various initiatives, activities and tools. You will also support other security operation activities as needed (e.g. detection and response).   

Key Responsibilities:

• Lead and drive remediation efforts within LTK to increase the efficiency of vulnerability management processes.
• Articulate risk and impact to product, engineering and other business leaders with the ability to convey the urgency and need to remediate a vulnerability commensurate with the risk it presents to LTK.
• Conduct internal vulnerability assessments and vulnerability analysis upon external vulnerability reports, zero-day announcements, security incidents etc. 
• Monitor and maintain vulnerability and code scanning, security configuration and other vulnerability management tools.
• Develop and maintain security policies, procedures, and standards related to vulnerability management.
• Participate in security audits and assessments to ensure compliance with regulatory requirements and industry standards. 
• Perform vulnerability re-production and fix validation of vulnerabilities where required.
• Maintain strong knowledge of ongoing security threats, remediations and operational best practices in the threat and vulnerability management. 
• Create reports and dashboards to drive vulnerability remediation efforts and process improvements. 
• Drive regular operational and business reviews for threat and vulnerability management activities. 
• Lead effective cross-functional collaboration across groups within LTK.
• Support other security operation activities as needed (e.g. detection and response).
• Participate in the Security Incident Handler on-call rotation. 
• Develop and implement processes to improve the overall productivity of the Security and IT organization. 

Requirements:

• 5+ years of experience in vulnerability management or a related field
• Experience supporting security operations for SaaS and mobile applications
• Excellent technical skills in vulnerability management technologies, such as vulnerability scanners, penetration testing tools, and threat intelligence platforms
• Excellent problem-solving skills and attention to detail
• Strong communication and collaboration skills
• Experience working with analytics and reporting tools
• A strong understanding of cloud platforms and technologies (EKS, Kubernetes)
• Work effectively as part of a geographically distributed team